Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- //
- // named.conf
- //
- // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
- // server as a caching only nameserver (as a any DNS resolver only).
- //
- // See /usr/share/doc/bind*/sample/ for example named configuration files.
- //
- // See the BIND Administrator's Reference Manual (ARM) for details about the
- // configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
- options {
- listen-on port 53 { any; };
- listen-on-v6 port 53 { ::1; };
- directory "/var/named";
- dump-file "/var/named/data/cache_dump.db";
- statistics-file "/var/named/data/named_stats.txt";
- memstatistics-file "/var/named/data/named_mem_stats.txt";
- recursing-file "/var/named/data/named.recursing";
- secroots-file "/var/named/data/named.secroots";
- allow-query { any; };
- allow-transfer { none; };
- /*
- - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
- - If you are building a RECURSIVE (caching) DNS server, you need to enable
- recursion.
- - If your recursive DNS server has a public IP address, you MUST enable access
- control to limit queries to your legitimate users. Failing to do so will
- cause your server to become part of large scale DNS amplification
- attacks. Implementing BCP38 within your network would greatly
- reduce such attack surface
- */
- recursion no;
- dnssec-enable yes;
- dnssec-validation yes;
- dnssec-lookasied auto;
- /* Path to ISC DLV key */
- bindkeys-file "/etc/named.root.key";
- managed-keys-directory "/var/named/dynamic";
- pid-file "/run/named/named.pid";
- session-keyfile "/run/named/session.key";
- };
- logging {
- channel default_debug {
- file "data/named.run";
- severity dynamic;
- };
- };
- zone "." IN {
- type hint;
- file "named.ca";
- };
- include "/etc/named.rfc1912.zones";
- include "/etc/named.root.key";
- zone "ns1.sancaweb.com" {type master;file "/var/named/ns1.sancaweb.com.db";};
- zone "ns2.sancaweb.com" {type master;file "/var/named/ns2.sancaweb.com.db";};
- // zone sancaweb.com
- zone "sancaweb.com" {type master; file "/var/named/sancaweb.com.db";};
- // zone_end sancaweb.com
- // zone kopmart.com
- zone "kopmart.com" {type master; file "/var/named/kopmart.com.db";};
- // zone_end kopmart.com
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement